Snort mailing list archives
Re: running snort on Ubuntu
From: PS <packetstack () gmail com>
Date: Thu, 23 Feb 2012 02:37:25 -0500
Are you using barnyard to send the logs to the DB? Can you confirm if the log data is being imported into the DB which BASE is using? As for the DAQ issue. What is the exact command that you are running? On Feb 23, 2012, at 2:27 AM, Jagan Mohan Reddy D wrote:
Thanks for your reply.... i have another query on Snort with Base.... I am not getting alerts into BASE i.e all alerts it shows 0% only... one more thing is, while i'm running snort with command line option as snort -Q, i'm getting error... ERROR: pcap DAQ does not support inline. ---------------- D J M Reddy On 23 February 2012 12:29, PS <packetstack () gmail com> wrote: Assuming that you are using two interfaces... try the command below /usr/local/bin/snort --daq afpacket -Q -i eth0:eth1 -c /usr/local/snort/etc/snort.conf Replace eth0:eth1 with your corresponding interfaces. On Feb 23, 2012, at 1:32 AM, Jagan Mohan Reddy D wrote:$ sudo /usr/local/snort/bin/snort -de -i eth0 --daq-dir /usr/local/lib/daq -l /var/log/snort/ -c /usr/local/snort/etc/snort.conf While using the above command i'm getting the following errors...... [ Number of patterns truncated to 20 bytes: 1041 ] ERROR: pcap DAQ does not support inline. Fatal Error, Quitting.. What's wrong in that command .....? Here i'm attaching my snort.conf can any one please help me on this error.... ---------------- thanks & regards D J M Reddy <snort.conf>------------------------------------------------------------------------------ Virtualization & Cloud Management Using Capacity Planning Cloud computing makes use of virtualization - but cloud computing also focuses on allowing computing to be delivered as a service. http://www.accelacomm.com/jaw/sfnl/114/51521223/_______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users Please visit http://blog.snort.org to stay current on all the latest Snort news!
------------------------------------------------------------------------------ Virtualization & Cloud Management Using Capacity Planning Cloud computing makes use of virtualization - but cloud computing also focuses on allowing computing to be delivered as a service. http://www.accelacomm.com/jaw/sfnl/114/51521223/
_______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users Please visit http://blog.snort.org to stay current on all the latest Snort news!
Current thread:
- running snort on Ubuntu Jagan Mohan Reddy D (Feb 22)
- Message not available
- Message not available
- Re: running snort on Ubuntu PS (Feb 22)
- Message not available
- Message not available
- Re: running snort on Ubuntu Jari Fredriksson (Feb 23)